Privacy Policy

Kelvin Smith (Insurance Brokers) Ltd – Privacy Policy

Who we are

Kelvin Smith (Insurance Brokers) Ltd is an insurance broker who strives to protect the privacy and security of the information we receive from you in the process of providing insurance broking services. As a data controller we will present you with quotes and incept policies chosen from a selection of insurers. Some of these are intermediaries who will provide quotes to us from their own panel of insurers. Your personal data will be shared with these insurance participants in order that we can present you with a quote/incept a policy.

What information do we collect

To provide you with a product or service that meets your needs, or to handle a claim we will collect personal information such as:

Insured Risk – information about the insured risk which may mean we request, record and share sensitive personal information ie convictions or medical history. We will only collect and process sensitive data where it is critical to the provision of a product or service and we will not therefore ask for your explicit consent to process this sensitive information. If you object or withdraw consent then we will be unable to offer you that product or service.

Policy Information – information about the quotes you receive, and the ultimate policy(s) taken out.

Credit and Anti-Fraud data – credit history and credit score, criminal offences and sanctions details received from various anti-fraud and sanctions databases, regulators or law enforcement agencies.

Previous and Current Claims – information about previous and current claims which may include data relating to your health, criminal convictions, photographs and/or video to help manage your policy or claim, tracking and location information if it is relevant to your policy or claim.

How we use this information (see Appendix A for our legal grounds to process this data)

We use your personal information in the following ways:

- To provide you with quotes, administer your policy and claims

- To administer third party claims, deal with complaints and meet our legal obligations to prevent financial crime

- To manage our business and conduct market research to meet the legitimate needs of our business.

- To send marketing information about other Kelvin Smith Group products/services if we have your specific consent.

Where we might collect your Personal Information from

We may receive your personal information via various mediums: face to face, over the phone, from our website, letter or email, directly from other insurance participants.

- in the event of a claim, third parties including the other party to the claim (claimant/defendant), witnesses, experts (including medical experts), loss adjusters, solicitors, and claims handlers

The particular sources which apply in each case will depend on the context and your particular circumstances.

Disclosing other people’s information to us

You should show this notice to anyone whose personal data you provide to us. You must ensure that any such personal data you supply relating to anyone else is accurate and that you have obtained their consent to the use of their personal data for the purposes set out above. Where you authorise a third party on the policy, it is our standard practice to speak to either you or the third party regarding the policy, after completing relevant identity checks.

- insurers, third party underwriters, reinsurers, insurance intermediaries, regulators, law enforcement, the Financial Ombudsman Service (FOS)

- and other organisations that provide services to us or you

If we provide information to a third party we will require it and any of its agents and/or suppliers to take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy.

We may of course be obliged by law to pass on your information to the police or other law enforcement body, or statutory or regulatory authority including but not limited to the Employer’s Liability Tracing Office (ELTO) and the Motor Insurance Bureau (MIB).

We may also share your information with anyone you have authorised to deal with us on your behalf.

Securing your Personal Information

We follow strict physical, electronic and procedural safeguards as is appropriate for the information we hold. These safeguards vary depending on the sensitivity, format, location, amount, distribution and storage of this personal information and include measures to keep it from unauthorised access. These measures include staff training, authorised and General Data Protection Regulation (GDPR) compliant office and admin system software, firewalls, access controls, separation of duties and other security protocols. We restrict access to personnel and third parties that require access to this information for legitimate, relevant business purposes.

Transferring personal information outside the UK

Our third party admin system provider has back up servers in both the UK and Europe and is protected by laws and procedures compliant with this Privacy Policy.

How long we keep Personal Information for

We keep information only for as long as we need it to administer the policy, manage our business or as required by law or contract. We will normally keep information for no more than 7 years after termination or cancellation of a product, contract or service we provide. In certain cases, we will keep your information for longer, particularly where a product includes liability insurances or types of insurance for which a claim could potentially be made by you or a third party at a future date, even after your contract with us has ended.

Your Rights

Under data protection law you have the right to object to us using your personal information – we will either agree to stop using it or explain why we are unable to. You can also change/correct the personal information we hold about you. You can withdraw your consent and to request details of any personal data that we hold about you. Where we have no legitimate reason to continue to hold your information, you have the right to be forgotten. You can make a complaint to the Information Commissioner’s Office (ICO) but we would encourage you in the first instance to contact our Data Protection Officer:

Occasionally it may be necessary to make changes to this notice. When that happens we will provide you an updated version at the earliest opportunity. The most recent version will always be available on our website.

Cookie Policy

Whilst using our website, some information will be collected automatically using ‘cookies’.

We use cookies on our website to help us provide customers with the best possible online experience. If you continue to browse our website we assume that you are happy for your web browser to receive all cookies served by our website.

Appendix A - List of legal grounds we rely upon

Legal Ground

For processing personal data and special categories of personal data

Performance of our contract with you

Processing is necessary for the performance of a contract to which you are party or in order to take steps at your request prior to entering into a contract.

Compliance with a legal obligation

Processing is necessary for compliance with a legal obligation to which we are subject.

Protection of vital interests of you or another person

Processing is necessary in order to protect the vital interests of you or another natural person.

In the public interest

Processing is necessary for the performance of a task carried out in the public interest.

For our legitimate business interests

Processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms which require protection of personal data, in particular where you are a child. These legitimate interests are set out next to each purpose.

For processing special categories of personal data

Your explicit consent (optional)

You have given your explicit consent to the processing of those personal data for one or more specified purposes. You are free to withdraw your consent , by contacting our Data Protection Officer.

Your explicit consent (necessary)

You have given your explicit consent to the processing of those personal data for one or more specified purposes, where we are unable to procure, provide or administer insurance cover without this consent. You are free to withdraw your consent by contacting our Data Protection Contact. However withdrawal of this consent will impact our ability to provide insurance or pay claims. For more details see section 5.

Protection of vital interests of you or another person, where you are unable to consent

Processing is necessary to protect the vital interests of you or of another natural person where you are physically or legally incapable of giving consent.

For legal claims

Processing is necessary for the establishment, exercise or defence of legal claims or whenever courts are acting in their judicial capacity.

In the substantial public interest

Processing is necessary for reasons of substantial public interest, on the basis of EU or UK law.

For health services

Processing is necessary for the purposes of preventative or occupational medicine, for medical diagnosis, the provision of health or social care or treatment on the basis of EU or UK law or pursuant to contract with a health professional who I sunder legal or professional obligations of secrecy.